Check Point researchers are sounding the alarm over a new strain of Android malware that has already compromised 25 million devices. The malware, referred to as Agent Smith, is capable of replacing legitimate applications with malicious copies that display rogue advertisements.
The malware is delivered via seemingly benign apps on third-party app stores. Once installed, the Agent Smith module will scan the apps present on the device and try to replace them with malicious doppelgangers. The malware can replace over 100 apps on a single device, but only if it is vulnerable to old Android vulnerabilities such as Janus, which was patched in 2017.
Read more: Agent Smith Malware Infects 25M Android Phones to Push Rogue Ads